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DETAILED ACTION 



1. Claims 8 and 9 have been canceled; claims 1, 10 - 13, 20, 45 and 55 - 58 have 
been amended in an amendment filed 3/4/2005. Claims 1 - 7, 10 - 32 and 37 - 70 
have been examined. 



Continued Examination Under 37 CFR 1.114 



2. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
3/4/2005 has been entered. 

Response to Argument 

3. Applicant remarks: "Brothers does not qualify as a §1 02(e) reference based on 
its non-provisional filing date alone" (Page 29 4*^ Paragraph). Applicant's arguments 
have been fully considered and a copy of provisional application for Brothers 
(60/224,907) is attached to show the record that Brothers is qualified as the prior art 
under §1 02(e) and §1 03(a). 
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4. In general, Brother's provisional application (filing date: 08/1 1/2000) teaches a 
secure content on an HTTP URL distribution infrastructure that allows the clients / users 
to access the data content from a network web server or its associated cache server 
(Brothers provisional: page 1 2"^ Para Line 1 -4). 

5. Brother further teaches a security module "Rights Management Enforcer*' 
performs the following security checks: 

• (a) Rights Management Enforcer entity validates the request for resource is 
authorized or not (Provisional of Brothers: page 2, 2"^ Para Line 4 - 7). 

• (b) Rights Management Enforcer entity as taught by Brothers (provisional) is 
responsible for validating a HTTP request that uses a secure URL, 
determines if the secure URL is properly formatted (Brothers (provisional): 
Page 8, 1®* Para). Examiner notes "properly formatted" must include (i) 
qualified characters and (ii) right length. Official Notice it is also well known 
URLs typically have a maximum length of two hundred and fifty-six (256) 
characters - please referred to Rollins (PN: 2002/0103712, Para [0087]). 
Thereby, each field (arguments) of secure URL, including the resource path 
as one of parameters / arguments, should not exceed 256 characters; 
otherwise, it becomes improperly formatted and violates the rule of secure 
URL as imposed by Rights Management Enforcer entity as taught by Brothers 
provisional (Brothers Provisional: page 8, 1^* Para). With respect to the valid 
file extension, Brother (provisional) teaches Rights Management Enforcer 
evaluates the secure URL including how various fields are encoded (Brothers 
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Provisional: page 7, Bullet of Format Field) and the "Formatted Path" of a 
URL is disclosed including "file.ext" (i.e. file extension) (Brothers Provisional: 
page 4 2"^ Para). 

• (c) If the secure URL is determined to be invalid, it may send various status 
responses, for example, "file not found" or "forbidden" (interpreted as posing 
security risk) (Brothers Provisional: Page 8 4^^ Para). 

6. As per claim 1 , 20, 45 and 14 in particular as shown in Applicant's remarks, 
please see the same reasons set forth in the following Office action. Please note, for 
the ease of reading, the following Office action is first presented in the sequence of 
rejecting claim 1 , claim 20, claim 45 and then claim 14 to synchronize the same order of 
arguments as shown in Applicant's remarks. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

A person shall be entitled to a patent unless - 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 1 -7, 12, 14, 15, 18,20-25, 28, 30-37,40,42-54, 57, 59 -62 and 
65 - 70 are rejected under 35 U.S.C. 103(a) as being unpatentable over Farber (Patent 
Number: US 6415280 B1), in view of Brothers (Publication Number: US 2002/0083178), 
and in view of Rosenthal (Patent Number: 5359659). 



Application/Control Number: 09/751,016 
Art Unit: 2131 



Page 5 



As per claim 1 , Farber discloses a network system comprising: 

a. a first device to maintain an original resource (Farber: inter alia, Column 43 Line 
59-61); 

b. a second device to maintain a replica resource remotely from the first device, the 
replica resource being replicated from the original resource (Farber: inter alia, Column 
43 Line 59-61); 

c. memory to store a cached descriptor corresponding to the original resource 
(Farber: inter alia, Column 12 Line 38 - 43, Column 3 Line 56 - 57, Column 39 Line 24 
- 25 and Figure 1 (b): Applicant defines a Descriptor can be a hash function of the 
resource, a calculated checksum (CRC) or any other functional identifier that can be 
formulated to provide a basis for comparison of different instantiations of a resource. 
Farber teaches that a "True Name" of a data item (for example, files, database records 
and the like) obtained by computing a MD, or a hash function, is virtually guaranteed to 
represent the given data item and only that particular data item. Therefore, a Taie 
Name Is qualified as a Descriptor and both of them are served as resource unique 
identifiers); 

Examiner notes Farber teaches data items in the system can be verified and 
have their integrity checked (Farber: inter alia. Column 34 Line 45 - 49 and Column 43 
Line 62 - 64). However, Farber does not show that a security component is configured 
to determine whether a request will pose a security risk (as Applicant argues). 
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Examiner notes Rosenthal teaches upon any attempt to execute the program as 
user requests, the security modules will execute first and scan for virus or data 
corruption (i.e. integrity check) - If any viruses or corruption are detected, execution of 
the program is aborted and a warning message is displayed (Rosenthal: inter alia, 
Abstract Line 9 - 1 3 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Rosenthal within the system of Farber 
because Rosenthal teaches enhancing the security and, more particular, the integrity of 
computer programs against corruption by software viruses or other means (Rosenthal: 
see for example, Column 1 Line 5 - 10). 

Accordingly, Farber in view of Rosenthal teaches: 
d-1 . a security component to determine whether the replica resource will pose a 
security risk to the second device upon receipt of a request for the replica resource, 
the security component being configured to determine whether the request will pose a 
security risk to the second device. 

Farber as modified does not disclose expressly that the request designates a 
resource locator. 

Brothers (Provisional) teaches the request designates a resource locator 
(Brothers (Provisional): see for example, Page 2, 2"^ Para, Line 1-12). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Brothers within the system of Farber as 
modified because Brothers teaches providing a system of secure content on an HTTP 
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URL distribution infrastructure that allows the clients / users to access the data content 
from a network web server or its associated cache server (Brothers (provisional): page 
1 2"^ Para Line 1 - 4) in a way that limited access data to be published into a 
distribution network while still ensuring that only a limited users is able and authorized to 
view the content (Brothers (Provisional): see for example, Column 1 Line 5-10). 

Accordingly, Farber as modified teaches: 
d-2. wherein the request designates a resource locator. 

e. formulating a descriptor corresponding to the replica resource and comparing the 
formulated descriptor with the cached descriptor (Farber: inter alia, Column 31 Line 27 - 
30 and Column 37 Line 36 - 42); and 

f. if the formulated descriptor and the cached descriptor are not equivalent, 
formulating a second descriptor corresponding to the original resource and comparing 
the formulated descriptor with the second descriptor (Farber: inter alia, Column 3 Line 
35 - 38 and Column 31 Line 31 - 33: (a) Farber discloses providing Verify True File 
mechanism to verify that the data item in a True File registry is indeed the correct "data 
item" given its "True Name" (Farber: inter alia, Column 31 Line 26 - 33), (b) Farber 
defines a True Name is computed using a function, MD (Message Digest - equivalent to 
CRC), to guarantee representing the data block and only data block (Farber: inter alia, 
Column 12 Line 38 - 43). Therefore, the True Name" is qualified as a "Descriptor", (c) 
Farber also discloses the system caches "data items" (i.e. True Name // Descriptor), so 
that only the most recently accessed data items need to be retained (Farber: inter alia, 
Column 3 Line 56 - 57). (d) Farber disclose data items (i.e. True Name // Descriptor) 
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can be verified and have their integrity check to ensure that they match the stored True 
Names and any change in a True Name potentially signals corruption in the system and 
can be further investigated (Farber: inter alia. Column 34 Line 45 - 55). (e) Farber 
further discloses if an error is found (i.e. the file is corrupted), the system "has the ability 
to heal itself by finding another source for the True File with the given name (Farber: 
inter alia, Column 31 Line 31 - 33: This must require formulating a second descriptor 
(i.e. second True Name // Descriptor) corresponding to the original resource (i.e. 
another source that holds the original true file) so that the validation of original 
uncorrupted file can be conducted). Therefore, Farber indeed teaches formulating a 
descriptor corresponding to the replica resource and comparing the formulated 
descriptor with the cached descriptor (i.e. True Name of Farber's) and then if the 
formulated descriptor and the cached descriptor are not equivalent, formulating a • 
second descriptor corresponding to the original resource and comparing the formulated 
descriptor with the second descriptor*' (i.e. (d) & (e) as addressed above). 

As per claim 20, the claim limitations are met as the same reasons set forth in 
the paragraph above regarding to claim 1 with the exception of the feature a security 
component in a computing device remote to the network server and registerable with 
the server component during run-time. However, Examiner notes Farber further 
discloses a Remote Mechanism to enable the capabilities of the present invention in a 
peer-to-peer network mode of operation to access the True File registry through the 
Remote Procedure Call (RPC) style interface running over many available / existing 



Application/Control Number: 09/751,016 Page 9 

Art Unit: 2131 

protocols" (Farber: inter alia, Column 23 Line 14 - 44). The RPC (Remote Procedure 
Call) is inherently assured that the client must be registered with the server system 
during the run-time first before the further communications can really start. 

As per claim 45 (and claim 25, 33, 37 and 61), the claim limitations are met as 
the same reasons set forth in claim 1 . In response to Applicant's remarks, a copy of 
provisional application for Brothers (60/224,907) is attached to show the record that 
Brothers is qualified as the prior art under §1 02(e) and §1 03(a). 

As per claim 14, the claim limitations are met as the same reasons set forth in, 
the paragraph above regarding to claim 1 (and claim 20) with the exception of the 
feature the request posing the security risk if the resource has been corrupted and if 
execution of the resource will compromise the network server However, Examiner 
notes Rosenthal teaches upon any attempt to execute the program as user requests, 
the security modules will execute first and scan for virus or data corruption (i.e. integrity 
check) - If any viruses or corruption are detected, execution of the program is aborted 
and a warning message is displayed (Rosenthal: inter alia, Abstract Line 9-13 and 
Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Rosenthal within the system of Farber 
because Rosenthal teaches enhancing the security and, more particular, the integrity of 
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computer programs against corruption by software viruses or other means (Rosenthal: 
see for example, Column 1 Line 5-10). 

As per claim 2, Farber teaches the claimed invention as described above (see 
claim 1 ). Farber further teaches the security component determines that the replica 
resource is not a security risk if the formulated descriptor and the cached descriptor are 
equivalent (Farber: inter alia, Column 37 Line 12 - 13 and Figure 28 & Rosenthal: inter 
alia, Abstract Line 9-13 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

As per claim 3, Farber teaches the claimed invention as described above (see 
claim 1 ). Farber further teaches if the formulated descriptor and the cached descriptor 
are not equivalent, and if the formulated descriptor and the second descriptor are 
equivalent, the security component determines that the replica resource is not a security 
risk (Farber: inter alia, Column 37 Line 13-14 Figure 28 & Rosenthal: inter alia, 
Abstract Line 9-13 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

As per claim 4, Farber teaches the claimed invention as described above (see 
claim 1 ). Farber further teaches if the formulated descriptor and the cached descriptor 
are not equivalent, and if the formulated descriptor and the second descriptor are 
equivalent, the security component determines that the replica resource is not a security 
risk, and the cached descriptor is replaced with the second descriptor (Farber: inter alia, 
Column 25 Line 57 - 61 and Column 37 Line 13 - 17 & Rosenthal: inter alia, Abstract 
Line 9-13 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 
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As per claim 5, Farber teaches the claimed invention as described above (see 
claim 1 ). Farber further teaches if the formulated descriptor and the cached descriptor 
are not equivalent, and if the formulated descriptor and the second descriptor are not 
equivalent, the security component determines that the replica resource is a security 
risk, and the replica resource is replaced with a copy of the original resource (Farber: 
inter alia, Column 37 Line 51 - 52 and Column 31 Line 31 - 32 & Rosenthal: inter alia, 
Abstract Line 9 - 13 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

As per claim 6, Farber teaches the claimed invention as described above (see 
claim 1 ). Farber further teaches if the formulated descriptor and the cached descriptor 
are not equivalent, and if the formulated descriptor and the second descriptor are; not 
equivalent, the security component determines that the replica resource is a security 
risk, the replica resource is replaced with a copy of the original resource, and the 
cached descriptor is replaced with the second descriptor (Farber: inter alia. Column 37 
Line 33 - 35 & Rosenthal: inter alia. Abstract Line 9-13 and Column 2 Line 55 - 62 & 
Figure 3 Element 54 / 56). 

As per claim 7, Farber teaches the claimed invention as described above (see 
claim 1 ). Farber further teaches the security component formulates the cached 
descriptor when the original resource is replicated to create the replica resource 
(Farber: inter alia, Column 37 Line 33 - 35). 

As per claim 12, 18, 28, 40, 57 and 65, Brothers further teach the request 
designates a resource locator having a resource identifier, and wherein the security 
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component determines that the request is not a security risk if the resource identifier 
has a valid file extension (Brother (provisional): page 7, Bullet of Format Field and page 
4, 2"^ Para: Brothers teaches Rights Management Enforcer evaluates the secure URL 
including how various fields are encoded (Brothers Provisional: page 7, Bullet of Format 
Field) and the "Formatted Path" of a URL is disclosed including "file.ext" (i.e. file 
extension) (Brothers Provisional: page 4, 2"^ Para). 

As per claim 15 and 21 , Brothers further teach if the security component 
determines that the request will pose a security risk, the security component redirects 
the request to indicate; that the resource is not available (Brothers, Page 8, 4*^ Para - 
File "not found"). 

As per claim 22, Farber teaches the claimed invention as described above (see 
claim 20). Farber further teaches: 

a. the security component: formulates a descriptor corresponding to the resource; 
compares the formulated descriptor with a cached descriptor, the cached descriptor 
corresponding to the resource and formulated when the resource is initially requested 
(Farber: inter alia. Column 31 Line 27 - 30. Column 37 Line 36 - 42, Column 14 Line 26 
" 30 and Column 3 Line 56 - 57); and 

b. determines that the resource is not a security risk if the formulated descriptor and 
the cached descriptor are equivalent (Farber: inter alia, Column 37 Line 12-13 and 
Figure 28 & Rosenthal: inter alia. Abstract Line 9 - 13 and Column 2 Line 55 - 62 & 
Figure 3 Element 54 / 56). 
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As per claim 23, Farber teaches the claimed invention as described above (see 
claim 20). Farber further teaches: 

a. formulates a descriptor corresponding to the resource; compares the formulated 
descriptor with a cached descriptor, the cached descriptor corresponding to the 
resource and formulated when the resource is initially requested (Farber: inter alia, 
Column 31 Line 27 - 30, Column 37 Line 36-42, and Column 1 4 Line 26 - 30); 

b. if the formulated descriptor and the cached descriptor are not equivalent, 
formulates a second descriptor corresponding to an original resource maintained on a 
file server remotely located from the network server, the resource being replicated from 
the original resource (Farber: inter alia. Column 3 Line 35 - 38 and Column 31 Line 31 
-33); 

c. compares the formulated descriptor with the second descriptor; and determines 
that the resource is not a security risk if the formulated descriptor and the second 
descriptor are equivalent (Farber: inter alia, Column 37 Line 13-14 and Figure 28 & 
Rosenthal: inter alia, Abstract Line 9-13 and Column 2 Line 55 - 62 & Figure 3 
Element 54 / 56). 

As per claim 24, Farber teaches the claimed invention as described above (see 
claim 20). Farber further teaches: 

a. formulates a descriptor corresponding to the resource; compares the formulated 
descriptor with a cached descriptor, the cached descriptor corresponding to the 
resource and formulated when the resource is initially requested (Farber: inter alia, 
Column 31 Line 27 - 30, Column 37 Line 36-42, and Column 14 Line 26 - 30); 
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b. if the formulated descriptor and the cached descriptor are not equivalent, 
formulates a second descriptor corresponding to an original resource maintained on a 
file server remotely located from the network server, the resource being replicated from 
the original resource (Farber: inter alia, Column 3 Line 35 - 38 and Column 31 Line 31 
- 33); 

c. compares the formulated descriptor with the second descriptor; if the formulated 
descriptor and the second descriptor are not equivalent, initiates that the resource 
stored on the network server be replaced with a copy of the original resource 
maintained on the file server (Farber: inter alia, Column 37 Line 51 - 52 and Column 31 
Line 31 - 32); and 

d. initiates that the cached descriptor be replaced with the second descriptor 
(Farber: inter alia, Column 37 Line 33 - 35). 

As per claims 30 and 42, Farber further teach: 

a. formulates a descriptor corresponding to the resource; compares the 
formulated descriptor with a cached descriptor, the cached descriptor corresponding to 
the resource and formulated when the resource is initially requested (Farber: inter alia. 
Column 31 Line 27 - 30, Column 37 Line 36 - 42, Column 14 Line 26 - 30 and Column 
3 Line 56 - 57); and 

b. determines that the resource is not a security risk if the formulated 
descriptor and the cached descriptor are equivalent (Farber: inter alia, Column 37 Line 
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12-13 and Figure 28 & Rosenthal: inter alia, Abstract Line 9-13 and Column 2 Line 
55 - 62 & Figure 3 Element 54 / 56). 

As per claims 31 and 43, Farber further teach: 

a. formulates a descriptor corresponding to the resource; compares the formulated 
descriptor with a cached descriptor, the cached descriptor corresponding to the 
resource and formulated when the resource is initially requested (Farber: inter alia, 
Column 31 Line 27 - 30, Column 37 Line 36 - 42, and Column 14 Line 26 - 30); 

b. if the formulated descriptor and the cached descriptor are not equivalent, 
formulates a second descriptor corresponding to an original resource maintained on a 
file server remotely located from the network server, the resource being replicated from 
the original resource (Farber: inter alia, Column 3 Line 35 - 38 and Column 31 Line 31 
-33); 

c. compares the formulated descriptor with the second descriptor; and determines 
that the resource is not a security risk if the formulated descriptor and the second 
descriptor are equivalent (Farber: inter alia, Column 37 Line 13-14 and Figure 28 & 
Rosenthal: inter alia. Abstract Line 9 - 13 and Column 2 Line 55 - 62 & Figure 3 
Element 54 / 56). 

As per claims 32 and 44, Farber further teach: 
a. formulates a descriptor corresponding to the resource; compares the formulated 
descriptor with a cached descriptor, the cached descriptor corresponding to the 
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resource and formulated when the resource is initially requested (Farber: inter alia, 
Column 31 Line 27 - 30, Column 37 Line 36 - 42, and Column 14 Line 26 - 30); 

b. if the formulated descriptor and the cached descriptor are not equivalent, 
formulates a second descriptor corresponding to an original resource maintained on a 
file server remotely located from the network server, the resource being replicated from 
the original resource (Farber: inter alia, Column 3 Line 35 - 38 and Column 31 Line 31 
-33); 

c. compares the formulated descriptor with the second descriptor; if the formulated 
descriptor and the second descriptor are not equivalent, initiates that the resource 
stored on the network server be replaced with a copy of the original resource 
maintained on the file server (Farber: inter alia, Column 37 Line 51 - 52 and Column 31 
Line 31 - 32); and 

d. initiates that the cached descriptor be replaced with the second descriptor 
(Farber: inter alia, Column 37 Line 33 - 35). 

As per claim 34, Farber teaches the claimed invention as described above (see 
claim 33). Farber further teaches the security component formulates the cached 
descriptor when the resource is initially requested (Farber, see inter alia, Column 14 
Line 26 - 30 and Column 13 Line 56 - 57). 

As per claim 35, Farber teaches the claimed invention as described above (see 
claim 33). Farber further teaches the security component initiates a remote data server 
to formulate the cached descriptor and store the cached descriptor on the remote 
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second computing device when the resource is stored on the computing device (Farber, 
see inter alia, Column 23 Line 15-23 and Column 23 Line 41 - 43: to retrieve and 
store the cache descriptor can be considered as the dual services). 

As per claim 36, Farber teaches the claimed invention as described above (see 
claim 33). Farber further teaches if the formulated descriptor and the cached descriptor 
are not equivalent, the security component initiates that the resource be replaced with a 
copy of the resource maintained on the remote second computing device (Farber, see 
inter alia, Column 25 Line 57 - 61 and Column 37 Line 13-17). 

As per claim 46, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches allowing the request if said determining that the 
replica resource does not pose a security risk to the computing device (Farber, see inter 
alia. Figure 28 & Rosenthal: inter alia, Abstract Line 9 - 13 and Column 2 Line 55 - 62 
& Figure 3 Element 54 / 56). 

As per claim 47, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches redirecting the request to indicate that the replica 
resource is not available if determining that the replica resource poses a security risk to 
the computing device (Farber, see inter alia, Figure 28 & Rosenthal: inter alia, Abstract 
Line 9 - 13 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

As per claim 48, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches replacing the cached descriptor with the second 
descriptor if the formulated descriptor and the second descriptor are equivalent (Farber, 
see inter alia. Column 25 Line 57 - 61 and Column 37 Line 13-17). 
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As per claim 49, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches replacing the replica resource with a copy of the 
original resource if the formulated descriptor and the cached descriptor are not 
equivalent, and if the formulated descriptor and the second descriptor are not equivalent 
(Farber, see inter alia, Column 37 Line 51 - 52 and Column 31 Line 31 - 32). 

As per claim 50, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches replacing the cached descriptor with the second 
descriptor if the formulated descriptor and the cached descriptor are not equivalent, and 
if the formulated descriptor and the second descriptor are not equivalent (Farber, see 
inter alia. Column 37 Line 33 - 35). 

As per claim 51 , Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches formulating the cached descriptor when the original 
resource is replicated to create the replica resource (Farber, see inter alia, Column 37 
Line 33 - 35). 

As per claim 52, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches formulating the cached descriptor when the replica 
resource is initially requested (Farber, see inter alia, Column 14 Line 26-30 and 
Column 3 Line 56 - 57). 

As per claim 53, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches determining whether the request will pose a security 
risk (Farber, see inter alia, Column 34 Line 45 - 50 and Column 31 Line 30 & 
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Rosenthal: inter alia, Abstract Line 9 - 13 and Column 2 Line 55 - 62 & Figure 3 
Element 54 / 56). 

As per claim 54, Farber teaches the claimed invention as described above (see 
claim 45). Farber further teaches determining whether the request will pose a security 
risk; and redirecting the request to indicate that the replica resource is not available if 
determining that the request poses a security risk to the computing device (Farber, see 
inter alia, Figure 28 & Rosenthal: inter alia, Abstract Line 9-13 and Column 2 Line 55 - 
62 & Figure 3 Element 54 / 56 & Brothers: Page 8, 4*^ Paragraph). 

As per claim 59, Farber teaches the claimed invention as described above (see 
claim 45). The claim recites computer-readable medium comprising computer 
executable instructions that, when executed, direct a computing system to perform the 
method of claim 45. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to select a computing device to serve this purpose. 

As per claim 60, Farber teaches the claimed invention as described above (see 
claim 58). The claim recites computer-readable medium comprising computer 
executable instructions that, when executed, direct a computing system to perform the 
method of claim 58. It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to select a computing device to serve this purpose. 

As per claim 62, the claim recites allowing the request for the resource if 
determining that the request does not pose a security risk and if determining that the 
resource does not pose a security risk. Farber as modified further teach the request 
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can't be allowed if determining the request poses a security risk (Rosenthal: inter alia. 
Abstract Line 9-13 and Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

As per claim 66, Farber further teaches: 
a. formulating a descriptor corresponding to the resource; comparing the formulated 
descriptor with a cached descriptor corresponding to the resource and formulated when 
the resource is initially requested (Farber: inter alia, Column 31 Line 27 - 30, Column 
37 Line 36 - 42, Column 14 Line 26 - 30 and Column 3 Line 56 - 57; and 

b. determining that the resource does not pose a security risk if the 
formulated descriptor and the cached desaiptor are equivalent (Farber: inter alia, 
Column 37 Line 12-13 and Figure 28 & Rosenthal: inter alia, Abstract Line 9-13 and 
Column 2 Line 55 - 62 & Figure 3 Element 54 / 56). 

As per claim 67, Farber further teaches: 

a. formulating a descriptor corresponding to the resource; comparing the formulated 
descriptor with a cached descriptor corresponding to the resource and formulated when 
the resource is initially requested (Farber: inter alia. Column 31 Line 27 - 30, Column 
37 Line 36 - 42, and Column 14 Line 26 - 30); 

b. determining that the resource does not pose a security risk if the formulated 
descriptor and the cached descriptor are equivalent; if the formulated descriptor and the 
cached descriptor are not equivalent, formulating a second descriptor corresponding to 
an original resource remotely located, the resource replicated from the original source 
(Farber: inter alia. Column 3 Line 35 - 38 and Column 31 Line 31 - 33 & Rosenthal: 
inter alia. Abstract Line 9-13 and Column 2 Line 55 -62 & Figure 3 Element 54 / 56); 
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c. comparing the formulated descriptor with the second descriptor; and determining 
that the resource does not pose a security risk if the formulated descriptor and the 
second descriptor are equivalent (Farber: inter alia, Column 37 Line 13-14 and Figure 
28 & Rosenthal: inter alia, Abstract Line 9-13 and Column 2 Line 55 - 62 & Figure 3 
Element 54 / 56). 

As per claim 68, Farber further teaches: 

formulating a descriptor corresponding to the resource; comparing the formulated 
descriptor with a cached descriptor corresponding to the resource and formulated when 
the resource is initially requested (Farber: inter alia. Column 31 Line 27 - 30, Column 
37 Line 36 - 42, Column 14 Line 26 - 30 and Column 3 Line 56 - 57); 

b. determining that the resource does not pose a security risk if the formulated 
descriptor and the cached descriptor are equivalent (Farber, see inter alia, Column 37 
Line 12 - 13 and Figure 28 & Rosenthal: inter alia, Abstract Line 9-13 and Column 2 
Line 55 - 62 & Figure 3 Element 54 / 56); 

c. if the formulated descriptor and the cached descriptor are not equivalent, 
formulating a second desaiptor corresponding to an original resource remotely located, 
the resource replicated from the original resource (Farber, see inter alia. Column 3 Line 
35 - 38 and Column 31 Line 31 - 33); 

d. comparing the formulated descriptor with the second descriptor; and determining 
that the resource does not pose a security risk if the formulated descriptor and the 
second descriptor are equivalent (Farber, see inter alia. Column 37 Line 13-14 and 
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Figure 28 & Rosenthal: inter alia, Abstract Line 9 - 13 and Column 2 Line 55 - 62 & 
Figure 3 Element 54 / 56); 

e. if the formulated descriptor and the second descriptor are not equivalent, 
replacing the resource with a copy of the original resource and replacing the cached 
descriptor with the second descriptor (Farber, see inter alia, Column 37 Line 51 - 52, 
Column 31 Line 31 - 32 and Column 37 Line 33 - 35). 

As per claim 69, the claim recites computer-readable medium comprising 
computer executable instructions that, when executed, direct a computing system to 
perform the method of claim 61 . It would have been obvious to a person of ordinary 
skill in the art at the time the invention was made to select a computing device to serve 
this purpose. 

As per claim 70, the claim recites computer-readable medium comprising 
computer executable instructions that, when executed, direct a computing system to 
perform the method of claim 68. It would have been obvious to a person of ordinary 
skill in the art at the time the invention was made to select a computing device to serve 
this purpose. 
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8. Claims 10, 11, 13, 16-17, 19, 26-27, 29, 38-39, 41, 55-56, 58 and 63 -64 
are rejected under 35 U.S.C. 103(a) as being unpatentable over Farber (Patent 
Number: US 6415280 B1), in view of Brothers (Publication Number: US 2002/0083178), 
in view of Rosenthal (Patent Number: 5359659), and in view of Rollins (Patent Number: 
2002/0103712). 

As per claim 10, Farber teaches the claimed invention as described above (see 
claim 1 ). Brothers further teach the request designates a resource locator having a 
resource path, the resource path identifying a location of the replica resource, and 
wherein the security component determines that the request is not a security risk if the 
resource path is well formatted (Provisional of Brothers, see inter alia, page 8, 1^* Para 
and Page 8 4*^ Para). Brother further teaches a security module "Rights Management 
Enforcer'* performs the following security checks: 

• (a) Rights Management Enforcer entity validates the request for resource is 
authorized or not (Provisional of Brothers: page 2, 2"^ Para Line 4 - 7). 

• (b) Rights Management Enforcer entity as taught by Brothers (provisional) is 
responsible for validating a HTTP request that uses a secure URL, 
determines if the secure URL is properly formatted (Brothers (provisional): 
Page 8, 1®* Para). Examiner notes "properly formatted" must include (i) 
qualified characters and (ii) right length. Official Notice it is also well known 
URLs typically have a maximum length of two hundred and fifty-six (256) 
characters - please referred to Rollins (PN: 2002/0103712, Para [0087]). 
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Thereby, each field (arguments) of secure URL, including the resource path 
as one of parameters / arguments, should not exceed 256 characters; 
otherwise, it becomes improperly formatted and violates the rule of secure 
URL as imposed by Rights Management Enforcer entity as taught by Brothers 
provisional (Brothers Provisional: page 8, 1®* Para). With respect to the valid 
file extension, Brother (provisional) teaches Rights Management Enforcer 
evaluates the secure URL including how various fields are encoded (Brothers 
Provisional: page 7, Bullet of Format Field) and the "Formatted Path" of a 
URL is disclosed including "file.ext" (i.e. file extension) (Brothers Provisional: 
page 4, 2"^ Para). 

• (c) If the secure URL is determined to be invalid, it may send various status 
responses, for example "forbidden" (interpreted as posing security risk) 
(Brothers Provisional: Page 8 4**^ Para). 
However, Brothers (provisional) does not disclose expressly that the security 
component determines that the request is not a security risk if the resource path does 
not exceed a maximum number of characters. 

Rollins teaches a URL typically has a maximum length of 256 characters (Rollins: 
Para [0087]). 

It would have been obvious to a person of ordinary skill in the art at the time the 
invention was made to combine the teaching of Rollins within the system of Farber as 
modified because Rollins teaches an internet Integrated Order Mechanism proxy that 
allows clients to enter URL of product search page and first go to lOM proxy secure 
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communications between participants in a flexible manner similar to the proxying 
approach using relative URL instead of absolute UR (Rollins: see for example, Para 
[0074] and [0071]). 

As per claim 11, Farber teaches the claimed invention as described above (see 
claim 1 ). Brothers further teach the request designates a resource locator having a 
plurality of arguments, and wherein the security component determines that the request 
is not a security risk if individual arguments do not exceed a maximum number of 
characters, and if a total number of characters defining all of the arguments do not 
exceed a maximum number of characters (see the same rationale in rejecting claim 10: 
Examiner notes the maximum number of characters herein is interpreted as the total 
number of characters aggregated from the maximum number of characters at each 
individual field. Therefore, the proper format checking of each individual arguments do 
not exceed a maximum number of characters is inherently validating and assuring a 
total number of characters defining all of the arguments do not exceed a maximum 
number of characters). 

As per claim 1 3, 1 6 - 1 7. 1 9, 26 - 27, 29, 38 - 39, 41 , 55 - 56, 58 and 63 - 64, 
the claim limitations are met as the same reasons set forth in claim 1 with its dependent 
claims 10-12. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Longbit Chai whose telephone number is 571-272-3788. 
The examiner can normally be reached on Monday-Friday 8:00am-4:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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